CVE-2005-1676

Опубликовано: 20 мая 2005

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Groove Mobile Workspace in Groove Virtual Office before 3.1 build 2338, before 3.1a build 2364, and Groove Workspace before 2.5n build 1871 allow remote attackers to inject arbitrary web script or HTML via the (1) picture columns embedded within SharePoint lists or (2) drop-down menus in a SharePoint list.

Ссылки

http://secunia.com/advisories/15421
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/372618
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/514386
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/JGEI-6BCRCC
Third Party Advisory
US Government Resource
http://secunia.com/advisories/15421
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/372618
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/514386
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/JGEI-6BCRCC
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:groove:groove_workspace:*:*:*:*:*:*:*:*

Версия до 2.5n_build_1871 (включая)

cpe:2.3:a:groove:virtual_office:*:*:*:*:*:*:*:*

Версия до 3.1_build_2338 (включая)

cpe:2.3:a:groove:virtual_office:*:*:*:*:*:*:*:*

Версия до 3.1a_build_2364 (включая)

EPSS

Процентиль: 88%

0.03622

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-m2fj-qfj5-rmmf

github

почти 4 года назад